Chromium Code Reviews
chromiumcodereview-hr@appspot.gserviceaccount.com (chromiumcodereview-hr) | Please choose your nickname with Settings | Help | Chromium Project | Gerrit Changes | Sign out
(109)

Side by Side Diff: net/third_party/nss/ssl/sslgathr.c

Issue 9733012: Update NSS to NSS 3.13.4 pre-release snapshot 20120319. (Closed) Base URL: svn://svn.chromium.org/chrome/trunk/src/
Patch Set: Forgot to update the sslerr.h and SSLerrs.h files Created 8 years, 9 months ago
Use n/p to move between diff chunks; N/P to move between comments. Draft comments are only viewable by you.
Jump to:
View unified diff | Download patch | Annotate | Revision Log
OLDNEW
1 /* 1 /*
2 * Gather (Read) entire SSL2 records from socket into buffer. 2 * Gather (Read) entire SSL2 records from socket into buffer.
3 * 3 *
4 * ***** BEGIN LICENSE BLOCK ***** 4 * ***** BEGIN LICENSE BLOCK *****
5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1 5 * Version: MPL 1.1/GPL 2.0/LGPL 2.1
6 * 6 *
7 * The contents of this file are subject to the Mozilla Public License Version 7 * The contents of this file are subject to the Mozilla Public License Version
8 * 1.1 (the "License"); you may not use this file except in compliance with 8 * 1.1 (the "License"); you may not use this file except in compliance with
9 * the License. You may obtain a copy of the License at 9 * the License. You may obtain a copy of the License at
10 * http://www.mozilla.org/MPL/ 10 * http://www.mozilla.org/MPL/
(...skipping 18 matching lines...) Expand all
29 * in which case the provisions of the GPL or the LGPL are applicable instead 29 * in which case the provisions of the GPL or the LGPL are applicable instead
30 * of those above. If you wish to allow use of your version of this file only 30 * of those above. If you wish to allow use of your version of this file only
31 * under the terms of either the GPL or the LGPL, and not to allow others to 31 * under the terms of either the GPL or the LGPL, and not to allow others to
32 * use your version of this file under the terms of the MPL, indicate your 32 * use your version of this file under the terms of the MPL, indicate your
33 * decision by deleting the provisions above and replace them with the notice 33 * decision by deleting the provisions above and replace them with the notice
34 * and other provisions required by the GPL or the LGPL. If you do not delete 34 * and other provisions required by the GPL or the LGPL. If you do not delete
35 * the provisions above, a recipient may use your version of this file under 35 * the provisions above, a recipient may use your version of this file under
36 * the terms of any one of the MPL, the GPL or the LGPL. 36 * the terms of any one of the MPL, the GPL or the LGPL.
37 * 37 *
38 * ***** END LICENSE BLOCK ***** */ 38 * ***** END LICENSE BLOCK ***** */
39 /* $Id: sslgathr.c,v 1.12 2010/04/25 23:37:38 nelson%bolyard.com Exp $ */ 39 /* $Id: sslgathr.c,v 1.13 2012/03/11 04:32:35 wtc%google.com Exp $ */
40 #include "cert.h" 40 #include "cert.h"
41 #include "ssl.h" 41 #include "ssl.h"
42 #include "sslimpl.h" 42 #include "sslimpl.h"
43 #include "sslproto.h" 43 #include "sslproto.h"
44 44
45 /* Forward static declarations */ 45 /* Forward static declarations */
46 static SECStatus ssl2_HandleV3HandshakeRecord(sslSocket *ss); 46 static SECStatus ssl2_HandleV3HandshakeRecord(sslSocket *ss);
47 47
48 /* 48 /*
49 ** Gather a single record of data from the receiving stream. This code 49 ** Gather a single record of data from the receiving stream. This code
(...skipping 84 matching lines...) Expand 10 before | Expand all | Expand 10 after
134 gs->offset += nb; 134 gs->offset += nb;
135 gs->remainder -= nb; 135 gs->remainder -= nb;
136 136
137 if (gs->remainder > 0) { 137 if (gs->remainder > 0) {
138 continue; 138 continue;
139 } 139 }
140 140
141 /* Probably finished this piece */ 141 /* Probably finished this piece */
142 switch (gs->state) { 142 switch (gs->state) {
143 case GS_HEADER: 143 case GS_HEADER:
144 » if ((ss->opt.enableSSL3 || ss->opt.enableTLS) && !ss->firstHsDone) { 144 » if (!SSL3_ALL_VERSIONS_DISABLED(&ss->vrange) && !ss->firstHsDone) {
145 145
146 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); 146 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) );
147 147
148 /* If this looks like an SSL3 handshake record, 148 /* If this looks like an SSL3 handshake record,
149 ** and we're expecting an SSL2 Hello message from our peer, 149 ** and we're expecting an SSL2 Hello message from our peer,
150 ** handle it here. 150 ** handle it here.
151 */ 151 */
152 if (gs->hdr[0] == content_handshake) { 152 if (gs->hdr[0] == content_handshake) {
153 if ((ss->nextHandshake == ssl2_HandleClientHelloMessage) || 153 if ((ss->nextHandshake == ssl2_HandleClientHelloMessage) ||
154 (ss->nextHandshake == ssl2_HandleServerHelloMessage)) { 154 (ss->nextHandshake == ssl2_HandleServerHelloMessage)) {
(...skipping 23 matching lines...) Expand all
178 } else if (gs->hdr[0] == content_alert) { 178 } else if (gs->hdr[0] == content_alert) {
179 if (ss->nextHandshake == ssl2_HandleServerHelloMessage) { 179 if (ss->nextHandshake == ssl2_HandleServerHelloMessage) {
180 /* XXX This is a hack. We're assuming that any failure 180 /* XXX This is a hack. We're assuming that any failure
181 * XXX on the client hello is a failure to match 181 * XXX on the client hello is a failure to match
182 * XXX ciphers. 182 * XXX ciphers.
183 */ 183 */
184 PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP); 184 PORT_SetError(SSL_ERROR_NO_CYPHER_OVERLAP);
185 return SECFailure; 185 return SECFailure;
186 } 186 }
187 } 187 }
188 » }» /* ((ss->opt.enableSSL3 || ss->opt.enableTLS) && !ss->firstHsDon e) */ 188 » }
189 189
190 /* we've got the first 3 bytes. The header may be two or three. */ 190 /* we've got the first 3 bytes. The header may be two or three. */
191 if (gs->hdr[0] & 0x80) { 191 if (gs->hdr[0] & 0x80) {
192 /* This record has a 2-byte header, and no padding */ 192 /* This record has a 2-byte header, and no padding */
193 gs->count = ((gs->hdr[0] & 0x7f) << 8) | gs->hdr[1]; 193 gs->count = ((gs->hdr[0] & 0x7f) << 8) | gs->hdr[1];
194 gs->recordPadding = 0; 194 gs->recordPadding = 0;
195 } else { 195 } else {
196 /* This record has a 3-byte header that is all read in now. */ 196 /* This record has a 3-byte header that is all read in now. */
197 gs->count = ((gs->hdr[0] & 0x3f) << 8) | gs->hdr[1]; 197 gs->count = ((gs->hdr[0] & 0x3f) << 8) | gs->hdr[1];
198 /* is_escape = (gs->hdr[0] & 0x40) != 0; */ 198 /* is_escape = (gs->hdr[0] & 0x40) != 0; */
(...skipping 247 matching lines...) Expand 10 before | Expand all | Expand 10 after
446 PORT_ZFree(gs->buf.buf, gs->buf.space); 446 PORT_ZFree(gs->buf.buf, gs->buf.space);
447 PORT_Free(gs->inbuf.buf); 447 PORT_Free(gs->inbuf.buf);
448 } 448 }
449 } 449 }
450 450
451 /* Caller must hold RecvBufLock. */ 451 /* Caller must hold RecvBufLock. */
452 static SECStatus 452 static SECStatus
453 ssl2_HandleV3HandshakeRecord(sslSocket *ss) 453 ssl2_HandleV3HandshakeRecord(sslSocket *ss)
454 { 454 {
455 SECStatus rv; 455 SECStatus rv;
456 SSL3ProtocolVersion version = (ss->gs.hdr[1] << 8) | ss->gs.hdr[2];
457 456
458 PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) ); 457 PORT_Assert( ss->opt.noLocks || ssl_HaveRecvBufLock(ss) );
459 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) ); 458 PORT_Assert( ss->opt.noLocks || ssl_Have1stHandshakeLock(ss) );
460 459
461 /* We've read in 3 bytes, there are 2 more to go in an ssl3 header. */ 460 /* We've read in 3 bytes, there are 2 more to go in an ssl3 header. */
462 ss->gs.remainder = 2; 461 ss->gs.remainder = 2;
463 ss->gs.count = 0; 462 ss->gs.count = 0;
464 463
465 /* Clearing these handshake pointers ensures that 464 /* Clearing these handshake pointers ensures that
466 * ssl_Do1stHandshake won't call ssl2_HandleMessage when we return. 465 * ssl_Do1stHandshake won't call ssl2_HandleMessage when we return.
467 */ 466 */
468 ss->nextHandshake = 0; 467 ss->nextHandshake = 0;
469 ss->securityHandshake = 0; 468 ss->securityHandshake = 0;
470 469
471 /* Setting ss->version to an SSL 3.x value will cause 470 /* Setting ss->version to an SSL 3.x value will cause
472 ** ssl_GatherRecord1stHandshake to invoke ssl3_GatherCompleteHandshake() 471 ** ssl_GatherRecord1stHandshake to invoke ssl3_GatherCompleteHandshake()
473 ** the next time it is called. 472 ** the next time it is called.
474 **/ 473 **/
475 rv = ssl3_NegotiateVersion(ss, version); 474 rv = ssl3_NegotiateVersion(ss, SSL_LIBRARY_VERSION_MAX_SUPPORTED,
475 » » » PR_TRUE);
476 if (rv != SECSuccess) { 476 if (rv != SECSuccess) {
477 return rv; 477 return rv;
478 } 478 }
479 479
480 ss->sec.send = ssl3_SendApplicationData; 480 ss->sec.send = ssl3_SendApplicationData;
481 481
482 return SECSuccess; 482 return SECSuccess;
483 } 483 }
OLDNEW

Powered by Google App Engine
This is Rietveld 408576698